CERT warns about new Microsoft vulnerability

Free Newsletters

Log-in | Register

CERT warns about new Microsoft vulnerability Advisory calls attention to vulnerability in Windows 2000, XP
By Paul Roberts, IDG News Service November 12, 2003			E-mail Printer Friendly Reprints Slashdot It!

The CERT Coordination Center at Carnegie Mellon University issued an advisory Tuesday that calls attention to a recently disclosed security hole in Microsoft Corp.'s Windows 2000 and Windows XP operating systems.

Free IT resource

Virtualization Insights from Top Experts - Learn how virtualization gets real!

Sponsored by Microsoft

The buffer overrun vulnerability in the Workstation Service, a Windows component, is well-suited to exploitation by an Internet worm and would allow malicious hackers to remotely attack and compromise vulnerable systems, CERT said.

Microsoft released a "critical" security bulletin, MS03-049, and a software patch for the Workstation Service vulnerability Tuesday and encouraged all customers to download and install the patch immediately.

The service is turned "on" by default in Windows 2000 and Windows XP systems and allows computers on a network to connect to file servers and network printers, Microsoft said.

The CERT Advisory, CA-2003-28, echoes Microsoft's recommendation that users apply the patch immediately and encourages organizations to block ports 138, 139, and 445, which provide outsiders access to a network using TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

Security companies issued warnings to their customers about the new vulnerability, as well.

Internet Security Systems Inc. released a security brief on Tuesday that called the Workstation Service vulnerable "relatively easy to exploit," and warned that "exploits written to take advantage of standard (buffer overruns) are generally very robust, and good candidates for use in the creation of Internet worms."

The CERT Advisory about the Workstation Service is similar to an advisory the Pittsburgh-based organization issued in October after Microsoft revealed that there was a security hole in the widely deployed Windows Messenger Service, which allowed users on a network to display text messages on pop-up windows on a Windows user's desktop.

Like Workstation Service, Windows Messenger Service is enabled by default on many versions of Windows and contains a buffer overrun vulnerability that make it an attractive target for malicious hackers and virus writers.

After releasing a patch for the Windows Messenger Service vulnerability, Microsoft said it would disable the feature by default in Service Pack 2 for Windows XP in an effort to protect computers from attacks.

Turning off Workstation Service will not be easy. The Service must be enabled in order for computers on a network to connect to shared file servers or printers. Disabling disrupts a user's ability to log on to and browse computer networks, Microsoft said.

Microsoft and CERT said that disabling Workstation Service is only feasible as an alternative to applying the software patch for stand-alone computers that are not on a network, such as those used by home users.

E-mail

Printer Friendly

Reprints

Slashdot It!

TOP NEWS:

» Troubleshooting tool for Java offered
Sun's Java VisualVM open-source technology views apps while they run on a JVM and is billed as all-in-one solution

» Python backing eyed for NetBeans
Scripting language capabilities of the open-source IDE continue to expand

» Microsoft sets Windows XP SP3 automatic download for Thursday
The latest service pack for Windows XP will be pushed to Automatic Update at 7a.m. EDT on July 10

» Real Software, Veryant bolster dev tools
RealBasic, Cobol apps platforms get improvements

» Microsoft sets hosted-services pricing, irks partners
By offering 38 percent discount to customers who buy entire hosted business productivity suite, Microsoft undercuts partners selling similar services

» Adobe readying new mashup tool for business users
Mashup interface code-named 'Genesis' will open up desktop 'workspace' combining business application data, documents, analytics, and instant messaging

5 Things You Need to Know About Storage Virtualization
This Webcast feature insights from various InfoWorld articles, as well as primary research conducted by InfoWorld and sister company IDC to better understand demand drivers, challenges and opportunities provided by storage virtualization, as well as other flavors or approaches to virtualization Sponsor: HP

» Click here to view this Webcast

The Silver Lining: Cloud Computing
This IT Strategy Guide digs deep into cloud computing helping put you ahead of the curve on this hot topic. It explores the differences between cloud computing, grid computing and utility computing and then helps you see where and how each applies to your business. Sponsored by Box.net

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Going mobile with today's technology - Mobile applications are transforming how companies operate. With new ways to work flexibly, employees are becoming more ...
Measuring mobile productivity - Companies must be able to measure productivity gains from mobile working. Productivity is notoriously difficult to measure...
Thinking about IMS - IMS's increased flexibility and the potential it offers for new services will create a fundamental shift in the way that...
Agile Development: 5 Steps to Continuous Integration - As more and more organizations adopt agile development, the need for continuous integration of a build can be a daunting...
Leading Analysts: Pen Testing is a Requirement - In a newly-published case study, Gartner's John Pescatore, one of the most respected analysts covering the IT security market...
Solution for Open Virtualization Provides Server Consolidation - Using virtualization to decrease the number of servers presents cost savings opportunities. Organizations that want to take...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

TECH WATCH

What's the 411 on GOOG-411?
Just as Google has become synonymous with "performing a Web search," 411 is understood to mean "information" -- as in "what's the 411?" I was thus surprised to discover, from a billboard, no less, that the king of search is taking on the ...

Apple HTML source reveals 'iPhone Extreme'
"This one's a stretch..." reports AppleInsider. Um, yeah. Reporting on HTML code sightings of product names could be called a stretch, but iPhone Extreme has a ring to it. Now, that sounds like the product Apple should have released first, rather ...

COLUMNISTS

Unified under law

(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...

» MORE COLUMNISTS

MORE INFOWORLD BLOGS

Open Sources

Product Management
When I joined MySQL four years ago, there was quite a lot of debate about product management. We didn't actually have ...

Zero Day

Botnet herders tending smaller flocks
New research backs up the theory that botnet operators are keeping their networks smaller in a continued effort to keep ...

• Advice Line
• Database Underground
• The Deep End
• Enterprise Mac
• Geeks in Paradise
• Grid Meter
• The Gripe Line
• InfoWorld Daily
• Inside IT
• IT Troubleshooter
• ITXtreme
• Open Sources
• ProdBlog
• Real World SOA
• Reality Check
• Security Adviser
• SMB IT
• The Storage Network
• Tech Watch
• Virtualization Report
• Zero Day

RESOURCE CENTER	advertisement
Ads by techwords beta See your link here

GOVERNMENT IT & POLICY
•	'If you don't go after the network, you're never going to stop these guys. Never.'
•	From the State Department, All the News for Inquiring Minds
•	TechPresident, the Internet Citizenry's New Consensus Taker

Sponsored Technology Links
CA - Efficient - Flexible - Compliant PGP - Is Your Data Safe? Novell, IBM, and Intel - Solution for Open Virtualization Provides Server Consolidation Curl - IT Guide: Rich Internet Application (RIA) Security HP/Intel - If you don't have enough I/O, your VMs aren't going to go. Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. AT&T - Factors to consider when comparing DSL or Cable Cirba - Advanced Workload Analysis Techniques Rackspace - Go Green Without Sacrificing Server Performance CA - Manage your IT more effectively. AT&T - Measuring mobile productivity AT&T - Thinking about IMS CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event AT&T - Going mobile with today's technology Cirba - Consolidating Workloads onto Mainframes AT&T - What to expect from a Technology Assessment.		AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Vkernel - Resolve Capacity Bottlenecks and Enhance Your Virtual Environment Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist